Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 11+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
Go os.Root Path Traversal Mitigation: Merge #2187 Analysis
github.com · 2026-05-10
apko
Read more
High
Fix for pkg/apk DiscoverKeys Non-RSA JWK Panic Vulnerability
github.com · 2026-05-10
apk:<=latest
Read more
High
APK Package Management Control Hash Verification Bypass Vulnerability Summary and POC
github.com · 2026-05-10
apk
Read more
High
Path Traversal Vulnerability Fix in Go Linter (CWE-22)
github.com · 2026-04-24
melange
Read more
Medium
melange CVE-2025-29551 Path Traversal via .PKGINFO
CVE-2025-29551 · github.com · 2026-04-24
melange >= 0.32.0, < 0.43.4
Read more
Medium
melange CVE-2026-29050 Path Traversal to RCE via pipeline[].uses
CVE-2026-29050 · github.com · 2026-04-24
melange >= 0.32.0, < 0.43.4
Read more
High
Shell Injection Fix (GHSA-vqqr-rmpc-hhg2): Escaping Implementation and Test Cases
GHSA-vqqr-rmpc-hhg2 · github.com · 2026-02-05
melange
Read more
High
tar Path Traversal Vulnerability Fix (GHSA-qxx2-7h4c-83f4)
GHSA-qxx2-7h4c-83f4 · github.com · 2026-02-05
melange
Read more
High
Path Traversal Fix: LicensePath Handling and Defense Mechanism
github.com · 2026-02-05
melange
Read more
Medium
melange CVE-2026-25145 Path Traversal in license-path Allows Host File Read
CVE-2026-25145 · github.com · 2026-02-05
melange v0.14.0 to v0.40.4
Read more
High
CVE-2026-25143: melange license-check pipeline command injection
CVE-2026-25143 · github.com · 2026-02-05
melange v0.10.0 · melange v0.40.4
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.